KPMG Personalization

Notice of updates
!

Since the last time you logged in our privacy statement has been updated. We want to ensure that you are kept up to date with any changes and as such would ask that you take a moment to review the changes. You will not continue to receive KPMG subscriptions until you accept the changes.

Hi
!

Our privacy policy has been updated since the last time you logged in

We want to make sure you're kept up to date. Please take a moment to review these changes. You will not receive KPMG subscription messages until you agree to the new policy.

Highlights

Related content

Businesses of all sizes are struggling to identify, assess and respond to an explosion of digital threats and targeted cyber attacks that could paralyze their operations.

Cyber crime is high on the agenda of business executives, according to KPMG’s 2017 Global CEO Outlook, and we see strong signals that many CEOs are moving beyond a generic view of cyber risk to develop risk, resilience and mitigation plans in the parts of their business that could be most seriously affected. Cyber insurance is an important way for CEOs to protect their organizations.

Closing the gaps in cyber insurance

Unfortunately, as cyber risks and attacks proliferate, many organizations and their insurers are discovering alarming gaps in the coverage provided by traditional insurance policies. Cyber insurance has traditionally focused primarily on digital assets such as customer data. Now, the global industry is starting to expand into adjacent insurance lines across both the intangible and tangible asset space.

As the scope, frequency and impact of cyber-related incidents soars, huge new opportunities exist for insurers positioning themselves for growth in the cyber-insurance market. For those that get it right, the rewards will be significant in a market that is predicted to be worth more than US$10 billion in global premiums by 2020.

The immediate challenges for insurers include the need to enhance their cyber capabilities, unravel the complexity of modeling and pricing, and redefine their organizational structures. Forward-looking insurers are evolving their focus from property and assets coverage to providing a full spectrum of services across these three key categories:

Understanding risk - Insurance providers are working with technology companies to leverage their deep know-how in customer use cases and software and hardware vulnerabilities.

Preventing risk – While businesses remain slow to implement preventive measures due to low awareness and recognition of the value of such services, incentives could drive up implementation and a move toward preventative services is likely to lead to a decrease in overall premiums and claims.

Responding to cyber incidents – Insurance players have already established partnerships to provide a variety of cyber incident response services. While customer take-up rates have been relatively low, the industry may see expansion in this area as customer awareness of the added value gradually grows.

The four waves of cyber insurance development

As insurers seek to expand coverage and introduce innovative solutions, industry experts anticipate that the development of cyber insurance is about to undergo several critical ‘waves.’ From an initial focus on digital assets, the sector is expected to expand to encompass a range of new products covering other asset classes, as well as addressing non-cyber perils in traditional insurance.

Wave 2: Enhancing risk-modeling to expand coverage to assets with cyber triggers As risk-modeling capabilities evolve, insurers could expand their offerings into other cyber areas. In the short term, cyber insurance will diversify into business interruption and network and service liability. In the medium- to longer-term, insurers can start addressing losses to other intangible assets arising from issues like reputational harm.

Wave 4: Transitioning from cyber to intangible asset insurance on non-cyber perils Some market participants see a natural future evolution of cyber insurance could to include damage to intangible assets with non-cyber perils, such as reputational harm due to product recall, which is rarely covered by traditional insurance.

The insurance industry is at the threshold of a major shift that poses real challenges but the payoff promises to be significant for insurers willing to rethink strategies and offerings for the digital age.